Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Nn6sk4HaMT9_bKl347R9Q6yl33w.roa
File: Nn6sk4HaMT9_bKl347R9Q6yl33w.roa (raw, json)
Hash identifier: Mg7aVU/I9/EGzHSOWgkGhs3bT13M8A/3GbGhdoK3KBw=
Subject key identifier: 36:7E:AC:93:81:DA:31:3F:7F:6C:A9:77:E3:B4:7D:43:AC:A5:DF:7C
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01955F8EF85EBBE7F3353B81055702F2D5D1
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Nn6sk4HaMT9_bKl347R9Q6yl33w.roa
Signing time: Tue 04 Mar 2025 05:09:19 +0000
ROA not before: Tue 04 Mar 2025 05:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 85.239.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 04:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5f:8e:f8:5e:bb:e7:f3:35:3b:81:05:57:02:f2:d5:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 4 05:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=367eac9381da313f7f6ca977e3b47d43aca5df7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:ba:81:00:c9:70:7d:07:e5:41:8a:aa:65:
3e:8c:de:d9:b9:a1:7b:70:fd:f0:c8:57:52:30:15:
fd:5e:e9:57:ef:73:d0:e8:de:5a:e0:71:df:f7:5b:
23:58:8e:c3:9e:e3:18:62:af:6e:f6:ba:50:c5:35:
07:ab:45:bd:c5:b5:dc:a1:38:98:2a:cc:f1:33:02:
5b:9c:85:4e:fb:40:b8:f1:39:ed:84:a8:0c:19:19:
34:85:69:af:3d:3c:1d:05:39:02:f9:75:4f:68:ff:
8c:72:be:86:f0:af:0c:95:cc:e4:4a:b0:f2:36:5d:
15:51:95:bb:03:cc:dd:47:1f:8c:c5:eb:fa:0f:fe:
bd:af:61:32:b0:30:44:52:cd:3c:da:d2:14:21:c9:
d2:a2:25:80:da:60:5a:a4:bb:66:09:9c:48:f0:c1:
8f:4c:ac:6e:26:07:97:c4:60:5f:29:5d:d9:ee:2b:
ee:9a:e5:66:18:be:31:3c:9d:0e:33:b5:ab:13:b9:
43:6f:a4:d9:18:78:dd:66:ba:36:bc:3a:96:a5:f7:
c7:05:27:87:64:6e:46:27:7c:14:45:6c:57:53:03:
a7:71:1d:15:f5:ee:d4:2e:2e:94:3d:f2:5b:38:da:
ca:99:25:05:31:1b:1d:e6:a9:f3:0d:04:a5:ac:ba:
16:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7E:AC:93:81:DA:31:3F:7F:6C:A9:77:E3:B4:7D:43:AC:A5:DF:7C
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Nn6sk4HaMT9_bKl347R9Q6yl33w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.156.0/24
Signature Algorithm: sha256WithRSAEncryption
64:9f:fd:26:e5:53:8c:bd:a2:bd:6b:cd:dd:b6:c7:8e:1d:a6:
07:b3:50:de:b8:5d:16:33:b1:ac:dc:17:d2:ec:5a:17:b6:d9:
46:df:ea:5e:2b:cf:0d:43:e4:d2:f7:f1:ec:90:96:e5:7e:eb:
f5:a8:1e:13:63:a2:f6:27:35:8b:87:d2:e3:98:8e:fd:87:69:
94:a3:9f:0a:4f:3a:fe:39:f6:09:c3:73:20:1c:11:fc:70:06:
5e:b9:3b:d0:7e:1e:b8:39:52:bd:d1:cb:c9:f6:bf:e9:dc:c2:
80:88:ed:c4:a0:42:b6:e3:91:da:bf:ee:fc:16:b7:1a:54:e0:
de:04:b1:10:a1:0c:ab:c4:37:79:f6:2d:fb:91:eb:82:e9:2b:
1a:84:26:e3:9c:85:68:2b:19:67:77:ff:14:62:92:ac:dd:d2:
65:08:e2:2b:93:92:ee:46:88:8a:99:97:5b:5e:d2:57:fc:6a:
04:45:70:ee:db:5b:20:b0:f8:77:1d:80:a6:df:87:d5:ab:0b:
05:2f:89:c1:a7:3e:77:02:b3:6e:47:fe:c7:ff:f0:e4:8b:cf:
d5:75:a3:2f:bf:53:20:59:e0:a6:0a:54:eb:f6:52:ae:30:38:
d6:c4:fc:37:7a:cc:9c:e1:1e:5b:78:4a:25:e9:db:f4:bc:16:
23:50:6e:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVfjvheu+fzNTuBBVcC8tXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA0MDUwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjdlYWM5MzgxZGEzMTNmN2Y2Y2E5NzdlM2I0N2Q0M2FjYTVkZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAa6gQDJcH0H5UGKqmU+jN7ZuaF7
cP3wyFdSMBX9XulX73PQ6N5a4HHf91sjWI7DnuMYYq9u9rpQxTUHq0W9xbXcoTiY
KszxMwJbnIVO+0C48TnthKgMGRk0hWmvPTwdBTkC+XVPaP+Mcr6G8K8MlczkSrDy
Nl0VUZW7A8zdRx+Mxev6D/69r2EysDBEUs082tIUIcnSoiWA2mBapLtmCZxI8MGP
TKxuJgeXxGBfKV3Z7ivumuVmGL4xPJ0OM7WrE7lDb6TZGHjdZro2vDqWpffHBSeH
ZG5GJ3wURWxXUwOncR0V9e7ULi6UPfJbONrKmSUFMRsd5qnzDQSlrLoWSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZ+rJOB2jE/f2ypd+O0fUOspd98MB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvTm42c2s0SGFNVDlfYktsMzQ3UjlRNnlsMzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+cMA0G
CSqGSIb3DQEBCwUAA4IBAQBkn/0m5VOMvaK9a83dtseOHaYHs1DeuF0WM7Gs3BfS
7FoXttlG3+peK88NQ+TS9/HskJblfuv1qB4TY6L2JzWLh9LjmI79h2mUo58KTzr+
OfYJw3MgHBH8cAZeuTvQfh64OVK90cvJ9r/p3MKAiO3EoEK245Hav+78FrcaVODe
BLEQoQyrxDd59i37keuC6SsahCbjnIVoKxlnd/8UYpKs3dJlCOIrk5LuRoiKmZdb
XtJX/GoERXDu21sgsPh3HYCm34fVqwsFL4nBpz53ArNuR/7H//Dki8/VdaMvv1Mg
WeCmClTr9lKuMDjWxPw3esyc4R5beEol6dv0vBYjUG4O
-----END CERTIFICATE-----
Generated at Wed May 7 16:41:37 2025 by rpki-client